I'm not familiar enough with AD / LDAP to know whether the scenario I encountered with getting connectivity to work is common or not, but I wanted to list what I had to do in case it is worth adding to a future version of the plugin.

Issue: I could not get WPDIRAuth or any other LDAP plugin to work without customization. The core issue is that a prefix parameter ("company/") is required during authentication / search but not username / pass validation.

Resolution

Anywhere that accountSuffix or similar variable is stored, include an accountPrefix variable.

If I leave Bind DN / Bind Password empty - accounts which are already created, or which are created during a user login, work successfully. However, use of the Add New Directory Authentication User form gets an error: "Directory authentication initially succeeded, but no valid profile was found (search procedure). []"

If Bind DN / Bind Password are filled in - Admin can create new users but nobody is able to log in with an AD account. All attempted logins get "Directory Authentication Error: Could not authenticate user. Please check your credentials. [Domain\username]"

I know this particular AD is kind of messy, but the weirdest part is that using the same account credentials to attempt both scenarios does not work. For the time being, the manual workaround is to put the site into maintenance mode while creating new accounts (using Bind).

I would love to see a prefix field in a future version, and I am willing to be an excellent beta test scenario for it if that happens.
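
An added example, not part of the original post and not wpDirAuth code: one way a login routine can keep the bind identity (prefix + username + suffix) separate from the bare username used in the directory search. The function names, the `COMPANY\` prefix and the sample usernames are constructed for illustration; the sketch assumes the directory stores the bare username in `sAMAccountName` and that normally only one of prefix or suffix is configured.

```php
<?php
// Added illustration; all names here are hypothetical, not the plugin's own.

/** Escape a value for use inside an LDAP search filter (RFC 4515). */
function escape_filter_value(string $value): string
{
    return strtr($value, [
        '\\' => '\5c', '*' => '\2a', '(' => '\28', ')' => '\29', "\0" => '\00',
    ]);
}

/**
 * From one typed username, build:
 *  - bind_identity: accountPrefix + username + accountSuffix (used for the bind)
 *  - search_filter: bare username matched against sAMAccountName (used for the profile search)
 */
function build_login_strings(string $typed, string $password,
                             string $accountPrefix, string $accountSuffix): array
{
    // An empty password turns a simple bind into an unauthenticated bind
    // (RFC 4513 section 5.1.2), which some servers accept; refuse it up front.
    if ($password === '') {
        throw new InvalidArgumentException('empty password');
    }
    // Strip a prefix or suffix the user already typed so it is not doubled.
    $user = $typed;
    if ($accountPrefix !== '' && stripos($user, $accountPrefix) === 0) {
        $user = substr($user, strlen($accountPrefix));
    }
    if ($accountSuffix !== '' && strlen($user) > strlen($accountSuffix)
        && strcasecmp(substr($user, -strlen($accountSuffix)), $accountSuffix) === 0) {
        $user = substr($user, 0, -strlen($accountSuffix));
    }
    if ($user === '') {
        throw new InvalidArgumentException('empty username');
    }
    return [
        'bind_identity' => $accountPrefix . $user . $accountSuffix,
        'search_filter' => '(sAMAccountName=' . escape_filter_value($user) . ')',
    ];
}

// Constructed sample input: plain name, name typed with the prefix, and a
// name containing filter metacharacters that must not reach the search raw.
foreach (['jdoe', 'COMPANY\\jdoe', 'j*doe)'] as $typed) {
    $r = build_login_strings($typed, 'constructed-password', 'COMPANY\\', '');
    printf("%-14s bind=%-16s filter=%s\n", $typed, $r['bind_identity'], $r['search_filter']);
}
```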